﻿using System.Web;
using System.Web.SessionState;
using System;
using System.Data;
using olierFrm.DataBase.FrameWork.DataObject;
using olierFrm.WebFormDev.Cookie;
using olierFrm.WebFormDev.Session;
using olierFrm.WebFormDev;

namespace WebFormDev
{
    /// <summary>
    /// Summary description for Login1
    /// </summary>
    public class Login1 : IHttpHandler, IRequiresSessionState
    {

        public void ProcessRequest(HttpContext context)
        {
            if (context.Request.QueryString["action"] == "logout")
            {
                SModule.Session.RemoveAllModule();
                HttpContext.Current.Session.RemoveAll();
                HttpContext.Current.Session.Abandon();

                return;
            }
            DataObjectSQL dos = new DataObjectSQL("Account");
            string userName = context.Request.Form["UserName"];
            string password = context.Request.Form["Password"];
            string outPassword = Account.UserPassword(userName, password);

            dos.SetParam("UserID", userName);
            DataSet dsAccount = null;
            try
            {
                dsAccount = dos.ExecuteSQL();
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
                return;
            }
            if (dsAccount.Tables[0].Rows.Count == 0)
            {
                context.Response.Write("用户名不存在！");
                return;
            }
            else if (((Convert.ToInt32(dsAccount.Tables[0].Rows[0]["UserTag"]) & 1) == 1))
            {
                context.Response.Write("用户已被禁用，请联系系统管理员！");
                return;
            }
            else if (dsAccount.Tables[0].Rows[0]["Password"].ToString() == outPassword)
            {

                context.Session[SUser.SessionID] = new SUser()
                {
                    Operator = context.Request.Form["UserName"],
                    UserName = dsAccount.Tables[0].Rows[0]["UserName"].ToString()
                };
                CTheme.Theme = context.Request.Form["Style"];
                context.Response.Write("success");
                return;
            }
            else
            {
                context.Response.Write("密码错误！");
                return;
            }
        }

        public bool IsReusable
        {
            get
            {
                return false;
            }
        }
    }
}